12/19/2015

SilverPush audio beacons have attracted growing criticism recently,
so Avira has classified SilverPush as malware as it can read and pass on
personal information.

SilverPush can synchronize user profiles via devices using an
ultrasonic signal that people cannot hear. This enables advertisers to
determine who responded to one of their ads, after seeing it on the TV,
if a viewer uses his/her tablet.

"The signal (from the TV ad) can be heard by apps which use
SilverPush software. They then respond by sending a message to
SilverPush stating where the ad was seen and on which channel it was
broadcast. The message also contains the precise device ID, MAC address
of the Wi-Fi router, details on the device's operating system, and even
the user's telephone number", explains Travis Witteveen, CEO of Avira.

The really sneaky thing is that users often don't know they've
installed SilverPush. There is no option to opt-out of giving consent to
cross-device tracking. In addition, SilverPush doesn't list the apps in
which its SDK is integrated either. Apparently, the technology is
already installed on over 18 million smartphones globally.

Avira classifies all apps which use SilverPush as malware and warns
users against installing it and suggests uninstalling/blocking installed
apps.